64bf709f72324fd88dad34b222efd8f4c99323591480231b0f533ff34de27c10 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

64bf709f72324fd88dad34b222efd8f4c99323591480231b0f533ff34de27c10
Size

27KB
Sample

221004-dka64saadr
MD5

02112571254a261a99751ea3f7a82160
SHA1

66355b0c520f0220c52d3c3fe36dc7f08e3937ee
SHA256

64bf709f72324fd88dad34b222efd8f4c99323591480231b0f533ff34de27c10
SHA512

3a46b91b62e29ca44201f6c96010e76b48aaf4aaef301aece8e809212975d301706bc01956de0741baafca88decc5ca2ca7c0870b327e569b5951ae68af68be3
SSDEEP

768:EJWeqv4iWpqXdgkiYCf6CX4t6CKwJ6dB1pR0d9TSx5nIC2:TeWViYkboQCKwJqB1Q1h

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  64bf709f72324fd88dad34b222efd8f4c99323591480231b0f533ff34de27c10
- Size
  
  27KB
- MD5
  
  02112571254a261a99751ea3f7a82160
- SHA1
  
  66355b0c520f0220c52d3c3fe36dc7f08e3937ee
- SHA256
  
  64bf709f72324fd88dad34b222efd8f4c99323591480231b0f533ff34de27c10
- SHA512
  
  3a46b91b62e29ca44201f6c96010e76b48aaf4aaef301aece8e809212975d301706bc01956de0741baafca88decc5ca2ca7c0870b327e569b5951ae68af68be3
- SSDEEP
  
  768:EJWeqv4iWpqXdgkiYCf6CX4t6CKwJ6dB1pR0d9TSx5nIC2:TeWViYkboQCKwJqB1Q1h
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2